<?php
//For security reasons, don't display any errors or warnings. 
error_reporting(0);
//start session
session_start();

class setup {
    //database setup

    var $hostname_logon = 'localhost';      //Database server LOCATION
    var $database_logon = 'wwwmsc_newcareer';       //Database NAME
    var $username_logon = 'wwwmsc';       //Database USERNAME
    var $password_logon = 'Slpnxhe}bX4h';       //Database PASSWORD
 
    //table fields
    var $user_table = 'USERS';          //Users table name
    var $user_column = 'user_name';     //USERNAME column 
    var $pass_column = 'user_passwd';      //PASSWORD column
    var $user_level = 'userlevel';      //(optional) userlevel column
 
    //encryption
    var $encrypt = false;       //set to true to use md5 encryption for the password
 
    //connect to database
    function dbconnect(){

        $connections = mysql_connect($this->hostname_logon, $this->username_logon, $this->password_logon) or die ("Unable to connect to the database");
        mysql_select_db($this->database_logon) or die ("Unable to select database!");
        mysql_query( "SET NAMES utf8", $connections );
        mysql_query( "SET CHARACTER SET utf8", $connections );
        return;

    }
 
    //login function
    function login($table, $username, $password)    {

        //conect to DB
        $this->dbconnect();
        //make sure table name is set
        if($this->user_table == ""){
            $this->user_table = $table;
        }
        //check if encryption is used
        if($this->encrypt == true){
            $password = md5($password);
        }//$password = md5($password);
		//echo md5($password);
        //execute login via qry function that prevents MySQL injections
        $result = $this->qry("SELECT * FROM ".$this->user_table." WHERE ".$this->user_column."='?' AND ".$this->pass_column." = '?';" , $username, md5($password));
        $row=mysql_fetch_assoc($result);
        if($row != "Error"){
            if($row[$this->user_column] !="" && $row[$this->pass_column] !=""){
                //register sessions
                //you can add additional sessions here if needed
                $_SESSION['username'] = $row[$this->user_column];
                $_SESSION['loggedin'] = $row[$this->pass_column];
                $_SESSION['fname'] = $row['user_fname'];
                $_SESSION['lname'] = $row['user_lname'];
                $_SESSION['userid'] = $row['user_id'];
                $_SESSION['email'] = $row['user_email'];
                //userlevel session is optional. Use it if you have different user levels
                $_SESSION['userlevel'] = $row[$this->user_level];
                return true;
            }else{
                session_destroy();
                return false;
            }
        }else{
            return false;
        }
 
    }
 
    //prevent injection
    function qry($query)    {

      $this->dbconnect();
      $args  = func_get_args();
      $query = array_shift($args);
      $query = str_replace("?", "%s", $query);
      $args  = array_map('mysql_real_escape_string', $args);
      array_unshift($args,$query);
      $query = call_user_func_array('sprintf',$args);
      $result = mysql_query($query) or die(mysql_error());
          if($result){
            return $result;
          }else{
             $error = "Error";
             return $result;
          }

    }
 
    //logout function
    function logout()   {

        session_destroy();
        return;

    }
 
    //check if loggedin
    function logincheck($logincode, $user_table, $pass_column, $user_column)    {
        //conect to DB
        $this->dbconnect();
        //make sure password column and table are set
        if($this->pass_column == ""){
            $this->pass_column = $pass_column;
        }
        if($this->user_column == ""){
            $this->user_column = $user_column;
        }
        if($this->user_table == ""){
            $this->user_table = $user_table;
        }
        //exectue query
        $result = $this->qry("SELECT * FROM ".$this->user_table." WHERE ".$this->pass_column." = '?';" , $logincode);
        $rownum = mysql_num_rows($result);
        //return true if logged in and false if not
        if($rownum != "Error"){
            if($rownum > 0){
                return true;
            }else{
                return false;
            }
        }
    }
    
    function redirect($uri = '', $method = 'location', $http_response_code = 302)   {       //methodos matabasis se alla pages
        if ( ! preg_match('#^https?://#i', $uri))   {
            $uri = site_url($uri);
        }
        switch($method) {
            case 'refresh'  : header("Refresh:0;url=".$uri);
            break;
            default         : header("Location: ".$uri, TRUE, $http_response_code);
            break;
        }
        exit;
    }

	function getHost()  {
        //o host pou stegazetai to site
        	return "http://192.185.116.17/~wwwmsc/";

   	 }
}
function get_user_data($user_id)
{
if($user_id){
$sel_user_data="select * from USERS where user_id=".$user_id;
$user_result=mysql_query($sel_user_data);
$user_row=mysql_fetch_array($user_result);
return $user_row;
}
}
function get_ad_data($ad_id)
{
if($ad_id){
$sel_user_data="select * from ADS where ad_id=".$ad_id;
$user_result=mysql_query($sel_user_data);
$user_row=mysql_fetch_array($user_result);
return $user_row;
}
}
?>